include/openssl/crmf.h.in

   1 /*-
   2  * {- join("\n * ", @autowarntext) -}
   3  *
   4  * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
   5  * Copyright Nokia 2007-2019
   6  * Copyright Siemens AG 2015-2019
   7  *
   8  * Licensed under the Apache License 2.0 (the "License").  You may not use
   9  * this file except in compliance with the License.  You can obtain a copy
  10  * in the file LICENSE in the source distribution or at
  11  * https://www.openssl.org/source/license.html
  12  *
  13  * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb.
  14  */
  15
  16 {-
  17 use OpenSSL::stackhash qw(generate_stack_macros);
  18 -}
  19
  20 #ifndef OPENSSL_CRMF_H
  21 # define OPENSSL_CRMF_H
  22
  23 # include <openssl/opensslconf.h>
  24
  25 # ifndef OPENSSL_NO_CRMF
  26 #  include <openssl/opensslv.h>
  27 #  include <openssl/safestack.h>
  28 #  include <openssl/crmferr.h>
  29 #  include <openssl/x509v3.h> /* for GENERAL_NAME etc. */
  30
  31 /* explicit #includes not strictly needed since implied by the above: */
  32 #  include <openssl/types.h>
  33 #  include <openssl/x509.h>
  34
  35 #  ifdef __cplusplus
  36 extern "C" {
  37 #  endif
  38
  39 #  define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE          0
  40 #  define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE    1
  41 #  define OSSL_CRMF_POPOPRIVKEY_DHMAC                2
  42 #  define OSSL_CRMF_POPOPRIVKEY_AGREEMAC             3
  43 #  define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY         4
  44
  45 #  define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT       0
  46 #  define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP  1
  47
  48 typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE;
  49 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE)
  50 typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG;
  51 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG)
  52 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_MSG)
  53 {-
  54     generate_stack_macros("OSSL_CRMF_MSG");
  55 -}
  56 typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE;
  57 typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER;
  58 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER)
  59 typedef struct ossl_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY;
  60 typedef struct ossl_crmf_certrequest_st OSSL_CRMF_CERTREQUEST;
  61 typedef struct ossl_crmf_certid_st OSSL_CRMF_CERTID;
  62 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID)
  63 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID)
  64 {-
  65     generate_stack_macros("OSSL_CRMF_CERTID");
  66 -}
  67
  68 typedef struct ossl_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO;
  69 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO)
  70 typedef struct ossl_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO;
  71 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO)
  72 typedef struct ossl_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE;
  73 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE)
  74 typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS;
  75 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)
  76
  77 typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY;
  78
  79 /* crmf_pbm.c */
  80 OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen,
  81                                            int owfnid, size_t itercnt,
  82                                            int macnid);
  83 int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq,
  84                       const OSSL_CRMF_PBMPARAMETER *pbmp,
  85                       const unsigned char *msg, size_t msglen,
  86                       const unsigned char *sec, size_t seclen,
  87                       unsigned char **mac, size_t *maclen);
  88
  89 /* crmf_lib.c */
  90 int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg,
  91                                         const ASN1_UTF8STRING *tok);
  92 ASN1_UTF8STRING
  93 *OSSL_CRMF_MSG_get0_regCtrl_regToken(const OSSL_CRMF_MSG *msg);
  94 int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg,
  95                                              const ASN1_UTF8STRING *auth);
  96 ASN1_UTF8STRING
  97 *OSSL_CRMF_MSG_get0_regCtrl_authenticator(const OSSL_CRMF_MSG *msg);
  98 int
  99 OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
 100                                                      OSSL_CRMF_SINGLEPUBINFO *spi);
 101 #  define OSSL_CRMF_PUB_METHOD_DONTCARE 0
 102 #  define OSSL_CRMF_PUB_METHOD_X500     1
 103 #  define OSSL_CRMF_PUB_METHOD_WEB      2
 104 #  define OSSL_CRMF_PUB_METHOD_LDAP     3
 105 int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
 106                                      int method, GENERAL_NAME *nm);
 107 #  define OSSL_CRMF_PUB_ACTION_DONTPUBLISH   0
 108 #  define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1
 109 int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
 110                                                 int action);
 111 int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg,
 112                                                   const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
 113 OSSL_CRMF_PKIPUBLICATIONINFO
 114 *OSSL_CRMF_MSG_get0_regCtrl_pkiPublicationInfo(const OSSL_CRMF_MSG *msg);
 115 int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg,
 116                                                const X509_PUBKEY *pubkey);
 117 X509_PUBKEY
 118 *OSSL_CRMF_MSG_get0_regCtrl_protocolEncrKey(const OSSL_CRMF_MSG *msg);
 119 int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg,
 120                                          const OSSL_CRMF_CERTID *cid);
 121 OSSL_CRMF_CERTID
 122 *OSSL_CRMF_MSG_get0_regCtrl_oldCertID(const OSSL_CRMF_MSG *msg);
 123 OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
 124                                        const ASN1_INTEGER *serial);
 125
 126 int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg,
 127                                          const ASN1_UTF8STRING *utf8pairs);
 128 ASN1_UTF8STRING
 129 *OSSL_CRMF_MSG_get0_regInfo_utf8Pairs(const OSSL_CRMF_MSG *msg);
 130 int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg,
 131                                        const OSSL_CRMF_CERTREQUEST *cr);
 132 OSSL_CRMF_CERTREQUEST
 133 *OSSL_CRMF_MSG_get0_regInfo_certReq(const OSSL_CRMF_MSG *msg);
 134
 135 int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm,
 136                                 ASN1_TIME *notBefore, ASN1_TIME *notAfter);
 137 int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid);
 138 int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm);
 139 int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts);
 140
 141 int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
 142 #  define OSSL_CRMF_POPO_NONE       -1
 143 #  define OSSL_CRMF_POPO_RAVERIFIED 0
 144 #  define OSSL_CRMF_POPO_SIGNATURE  1
 145 #  define OSSL_CRMF_POPO_KEYENC     2
 146 #  define OSSL_CRMF_POPO_KEYAGREE   3
 147 int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
 148                               EVP_PKEY *pkey, const EVP_MD *digest,
 149                               OSSL_LIB_CTX *libctx, const char *propq);
 150 int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
 151                                int rid, int acceptRAVerified,
 152                                OSSL_LIB_CTX *libctx, const char *propq);
 153 OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm);
 154 const ASN1_INTEGER
 155 *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
 156 const X509_NAME
 157 *OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl);
 158 const X509_NAME
 159 *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl);
 160 X509_EXTENSIONS
 161 *OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl);
 162 const X509_NAME
 163 *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid);
 164 const ASN1_INTEGER
 165 *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid);
 166 int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
 167                                 EVP_PKEY *pubkey,
 168                                 const X509_NAME *subject,
 169                                 const X509_NAME *issuer,
 170                                 const ASN1_INTEGER *serial);
 171 X509
 172 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
 173                                        OSSL_LIB_CTX *libctx, const char *propq,
 174                                        EVP_PKEY *pkey);
 175
 176 #  ifdef __cplusplus
 177 }
 178 #  endif
 179 # endif /* !defined(OPENSSL_NO_CRMF) */
 180 #endif /* !defined(OPENSSL_CRMF_H) */